The Operational Risk Officer is a strategic professional who stays abreast of developments within own field and contributes to directional strategy by considering their application in own job and the business. Recognized technical authority for an area within the business. Requires basic commercial awareness. There are typically multiple people within the business that provide the same level of subject matter expertise. Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers. Significant impact on the area through complex deliverables. Provides advice and counsel related to the technology or operations of the business. Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function/job family.
Overall Responsibilities:

• Establishes and oversees the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.
• Independently assess' risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices.
• Governance and oversight may include (not limited to) technology operational risk, risk for example.
• Serves as a subject matter expert for Issues Management (KPI/KRI/Corrective Action Plans)
• Resolves transactional level escalations coming from the vendor or internal partners
• Analyzes a multitude of scorecards/performance management tools in an attempt to mitigate exposure (risk/financial/regulatory)
• Monitors goals are met through performance, risk and relationship oversight of our extended supply chain
• Collaborates to resolve any issues which fall within the terms of the contract.
• Develops and maintains relationships across the business users and Lines of Defense to better understand and deliver customer requirements by responding to changes in the internal and external business environment
• Has the ability to operate with a limited level of direct supervision.
• Can exercise independence of judgement and autonomy.
• Acts as SME to senior stakeholders and /or other team members.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Specific Role Responsibilities:

The Operational Risk Officer will identify, evaluate, assess, and advise on the adequacy of activity, risk, and control structures overall for Citi's Enterprise Infrastructure, Operations and Technology. This oversight will primarily be through the lens of Citi's Risk Appetite within the Technology domain. The role includes independent assessment of the comprehensiveness and effectiveness of programs and underlying processes, the complete suite of control components, and the resulting impact on Risk Appetite.

Working with colleagues in Risk, as well as technology, business and other control functions, the Operational Risk Sr Officer 1 is expected to independently analyze and assess various sources to advance Risk Appetite Oversight. Primary responsibilities will include:

• Support production coordination of assigned Appetite Statements. Leverage subject matter expertise to review and challenge first line assessments of risk appetite alignment.
• Aggregate and analyze various sets of data and develop reporting based on that analysis.
• Support group-wide alignment with existing frameworks and operating models.
• Develop, Review and challenge of key risk indicators, thresholds and first line response to breaches (e.g., escalation and resolution) associated with relevant Appetite Statements.

The candidate is also expected to contribute to the following global ORM-T/C activities:

• Governance and Oversight of technology risk
• Support in the development of Policy and Standards
• Oversight of Key Technology Operational Risks and related indicators and thresholds
• Challenge of business and technology Risk Self Assessments
• Challenge of Business technology Scenario Analysis
• Issue management and oversight and escalation

Qualifications:

The Operational Risk Officer will be a subject matter expert in technology risk with over 6 years of information technology and information security experience. The ideal candidate will have in-depth, detailed knowledge of Technology Risk Management, Operations and Information Security practices, both poor and best. The ideal candidate will have a blend of both tactical technical experience and work supporting strategic initiatives. Prior experience in global financial services firms preferred.

• The ideal candidate will also have working knowledge of Banking Technologies, cybercrime detection and countermeasures, encryption, information security support, application development, network and systems operation, testing and vendor management. Working familiarity with network, operating system, and application security fundamentals.
• In depth knowledge of the Information Systems Audit and Control Association's (ISACA) COBIT* Standard in practice.
• Exposure to Technology Architecture components common across the Financial Industry, Information Technology Infrastructure Library (ITIL), ISACA's Certified in Risk and Information Systems Control (CRISC), and the various frameworks sourced to the National Institute for Standards and Technology (NIST) etc.
• Outstanding communication and influencing skills through all levels of the organization and with external partners. Exceptional relationship management and customer service skills; must be able to address and resolve conflict while maintaining relationships. Strong written communication skills with the ability to effectively communicate complex topics to a broad audience.
• Detailed oriented with analytical skills, as the role requires a large amount of data manipulation and presentation. Expert in Microsoft Office Tools to include SharePoint. Demonstrated experience in leveraging Excel for data analysis is preferred.
• The role is global, and the incumbent must be proactive and capable of leading solutions to global issues with others in different regions and time zones. The successful candidate will need to be a self-starter and able to manage tasks/timelines for self effectively.

Education:

• Bachelor's/University degree, Master's degree preferred.
• Information Security and Information Technology professional certifications preferred (CISA, CISSP, CRISC, etc).

#LI-JO1

-------------------------------------------------

Job Family Group:

-------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Primary Location:

------------------------------------------------------

Primary Location Salary Range:

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review .

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the .

View the Pay Transparency Posting